<?php

/*
*###########################################################################################################################*
#															    															#
#															    															#
#    **  ** ****** ** **  **  ****** ** ***   ** ***   ****** ** **  **  ** **  ** ** **  **    ****   ** **  **  ******    #
#    **  ** ****** ********** ****** *******  *******  ****** ********** ** **  ** **********  ******  ********** ******    #
#    **  ** **  ** **  **  ** **     ***   ** **    ** **     **  **  **    **  ** **  **  ** ***   ** **  **  ** **        #
#    ****** **  ** **  **  ** ****** **   *** **   *** ****** **  **  ** ** **  ** **  **  ** **       **  **  ** ******    #
#    ****** **  ** **  **  ** ****** *******  *******  ****** **  **  ** ** **  ** **  **  ** **       **  **  ** ******    #
#    **  ** **  ** **  **  ** **     *****    ******   **     **  **  ** ** **  ** **  **  ** ***   ** **  **  **     **    #
#    **  ** ****** **  **  ** ****** **       **  ***  ****** **  **  ** ** ****** **  **  **  ******  **  **  ** ******    #
#    **  ** ****** **  **  ** ****** **       **   *** ****** **  **  ** **  ** ** **  **  **   ****   **  **  ** ******    #
#															    															#
#															    															#
#															    															#
#    2010 - 2011 © HomePremiumCMS made by HomePemium as PremiumEye & Security by HomePremium and Merijnz		    		#
#															    															#
#    Powered by PhoenixPHP 3.7.1 (build 138000)										    									#
#															    															#
#															    															#
#															    															#
*###########################################################################################################################*
*/

define('USERNAME_REQUIRED', TRUE);
define('ACCOUNT_REQUIRED', TRUE);
include("../global.php");
	$username = $core->EscapeString($_SESSION['username']);

if($core->EscapeString($users->UserInfo($username, 'date')) == ''.$core->EscapeString($_POST['bdyear']).'-'.$core->EscapeString($_POST['bdmonth']).'-'.$core->EscapeString($_POST['bdday']).''){ 

	echo ''; 
	
}else{ 
	
	header("Location: ../settings.php?page=password&date=false&value=1&value=2&value=3"); 
	
}

if($core->EscapeString($_POST['curpassword']) == NULL){ header("location: ../settings.php?page=password&success=false"); }

elseif($core->EscapeString($_POST['newpassword']) == NULL){ header("location: ../settings.php?page=password&success=false"); }

elseif($core->EscapeString($_POST['conpassword']) == NULL){ header("location: ../settings.php?page=password&success=false"); }

elseif($core->EscapeString($_POST['newpassword']) < 6){ header("location: ../settings.php?page=password&success=fould"); }

elseif($core->EscapeString($_POST['conpassword']) < 6){ header("location: ../settings.php?page=password&success=fould"); }

	$curpassword = md5($_POST['curpassword']);
	$newpassword = md5($_POST['newpassword']);
	$conpassword = md5($_POST['conpassword']);
	$userq = mysql_query("SELECT * FROM users WHERE username = '".$core->EscapeString($_SESSION['username'])."' LIMIT 1");
	$user = mysql_fetch_array($userq);
	if($curpassword == strtolower($user['password']) && $newpassword == $conpassword && strlen($core->EscapeString($_POST['newpassword'])) >= 6)
	{
		$query = mysql_query("UPDATE users SET password = '".$newpassword."' WHERE mail = '".$user['mail']."'");
		if($query)
		{
			header("location: ../settings.php?page=password&success=true");
			return;
		}
	}
?>